HTTPS on, git, reproducible builds

Roger Marquis marquis at
Fri Sep 18 14:08:05 UTC 2015

Glen Barber wrote:
> In fact, Debian has been kind enough to even provide a page that shows
> which parts of the FreeBSD build are non-reproducible.

This issue is one of the reasons secure sites do not use binary packages
or freebsd-update.  It also illustrates problems admins have when
required to buildworld/installworld when all they should need to do is
"cd /usr/src/crypro/openssh&&make install" (for example).  Does anyone
have a link to the archived discussion detailing why this functionality
was deprecated?

These are good and timely subjects given recently published details of
NSA/5 eyes methodologies as well as the issues freebsd security teams
were having as recently as a few months ago.

Roger Marquis


More information about the freebsd-questions mailing list